-
-
Notifications
You must be signed in to change notification settings - Fork 751
Enabling CORS
Jeanfrancois Arcand edited this page Sep 13, 2013
·
10 revisions
In order to allow Cross-Origin Resource Sharing (CORS), you can either use the filter that ships with your WebServer, install the Atmosphere interceptor called CorsInterceptor or write your own like below.
To learn more about filters in general, this Oracle tutorial about the essentials of filters is worth reading.
public class CorsFilter implements Filter{
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
if(req.getHeader("Origin") != null){
res.addHeader("Access-Control-Allow-Origin", "*");
res.addHeader("Access-Control-Expose-Headers", "
X-Cache-Date, X-Atmosphere-tracking-id");
}
if("OPTIONS".equals(req.getMethod())){
res.addHeader("Access-Control-Allow-Methods", "OPTIONS, GET, POST");
res.addHeader("Access-Control-Allow-Headers",
"Origin, Content-Type, X-Atmosphere-Framework,
X-Cache-Date, X-Atmosphere-tracking-id, X-Atmosphere-Transport");
res.addHeader("Access-Control-Max-Age", "-1");
}
chain.doFilter(req, res);
}
@Override
public void destroy() { }
@Override
public void init(FilterConfig filterConfig) throws ServletException { }
}
To activate the CORS filter, assign it to your servlet in the web application deployment descriptor:
<filter>
<filter-name>CORS Filter</filter-name>
<filter-class>com.example.CorsFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORS Filter</filter-name>
<servlet-name>AtmosphereServlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>AtmosphereServlet</servlet-name>
<servlet-class>org.atmosphere.cpr.AtmosphereServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AtmosphereServlet</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
On atmosphere.js side, make sure you configure the enableXDR to true:
AtmosphereRequest request = new $.atmosphere.AtmosphereRequest();
request.enableXDR = true;
request.readResponsesHeaders = false; // Atmosphere 1.0.x only
Search the mailing list as well for proxies information.
- Understanding Atmosphere
- Understanding @ManagedService
- Using javax.inject.Inject and javax.inject.PostConstruct annotation
- Understanding Atmosphere's Annotation
- Understanding AtmosphereResource
- Understanding AtmosphereHandler
- Understanding WebSocketHandler
- Understanding Broadcaster
- Understanding BroadcasterCache
- Understanding Meteor
- Understanding BroadcastFilter
- Understanding Atmosphere's Events Listeners
- Understanding AtmosphereInterceptor
- Configuring Atmosphere for Performance
- Understanding JavaScript functions
- Understanding AtmosphereResourceSession
- Improving Performance by using the PoolableBroadcasterFactory
- Using Atmosphere Jersey API
- Using Meteor API
- Using AtmosphereHandler API
- Using Socket.IO
- Using GWT
- Writing HTML5 Server-Sent Events
- Using STOMP protocol
- Streaming WebSocket messages
- Configuring Atmosphere's Classes Creation and Injection
- Using AtmosphereInterceptor to customize Atmosphere Framework
- Writing WebSocket sub protocol
- Configuring Atmosphere for the Cloud
- Injecting Atmosphere's Components in Jersey
- Sharing connection between Browser's windows and tabs
- Understanding AtmosphereResourceSession
- Manage installed services
- Server Side: javadoc API
- Server Side: atmosphere.xml and web.xml configuration
- Client Side: atmosphere.js API